The present invention relates generally to a location verification method, and more particularly, but not by way of limitation, to a system, method, and recording medium for verifying a location of a device based on comparing a signal strength received by the device with a signal strength received by an access point (AP) in a vicinity of the device.
Handheld (portable) devices send a location of a device based on a Global Positioning System (GPS). However, these coordinates can be faked or misrepresented by an owner (or another user) of the device if required to gain access to an access point that requires a location verification.
Conventionally, access to specific resources can be given based on an identification and a location of the user. The user is typically given a device that can send a location (e.g., based on GPS coordinates). This, along with the credentials of the user is used to verify that a user is at a particular location. Thus, a two-tier security measure is in place. However, unless the device is tamper-resistant, the owner can fake the location of the device. Global attestation procedure is a way of making the job of a malicious user difficult by validating credentials from surrounding devices called “Brokers”. For example, access to a server can be guaranteed only if the user's device is connected to the office network through Wi-Fi. In this case, the access point reports that the user is physically connected to the office network and hence is likely inside the office (or at least nearly).
Thus, the needs in the art include a location verification technique that is not susceptible to location spoofing due to the one-way verification required from the device-to-server verification.